<?php

    session_start();

    if (!isset($_SESSION['logged'])) {
        @header("Location: login.php");
        die;
    }

    if (!file_exists("../config.php")) {
        @header("Location: ../install.php");
        die;
    }

    include("../global_conf.php");
    include($site->langdir."/languages.php");
    require_once("./admin_lib.php");
    require_once($site->langdir."/".$_SESSION['lang'].".lang.php");

    // Inserimento dati
    if (isset($_POST['submit_data'])) {
        $cont = array();
        $i=0;
        foreach ($_POST as $key => $value) {
            if ($i < count($_POST)-1) {
                if (empty($_POST[$key]) || strlen($_POST[$key]) == 0) { //XXX
                    $err=$_LANG['error missing fields'];
                    break;
                }
                $cont[$key] = $value;
            }
            ++$i;
        }
        // FIXME: che porcheria schifosa parte 1
        if (!isset($err)) {
            $success=$_LANG['content correctly inserted'];
            if (is_null($_POST['content_type'])) {
                $id=insert_core_content("core", $cont);
            }
            else {
                $content_type=$_POST['content_type'];
                if (isset($_FILES)) {
                    foreach ($_FILES as $key => $file)
                        $_POST[$key]=$file;
                }
                $res=input_sanitizing($_POST);
                if ($res === true) {
                    $id=insert_core_content("core", $cont);
                    unset($_POST['title'], $_POST['description'], $_POST['content_type'], $_POST['submit_data']);
                    if (!insert_additional_content($id['id'], $content_type, $_POST)) {
                            unset($success);
                            $err=$_LANG['cannot insert content'];
                    }
                }
                else
                    $err=$_LANG[$res];
            }
        }
    }
    else if (isset($_POST['update_data'])) {
        /* Update dei valori */
        $cont = array();
        $i=0;
        foreach ($_POST as $key => $value) {
            if ($i < count($_POST)-1) {
                if (empty($_POST[$key]) || strlen($_POST[$key]) == 0) {
                    $err=$_LANG['error missing fields'];
                    break;
                }
                $cont[$key] = $value;
            }
            ++$i;
        }
        if (!isset($err)) {
            $id=$_POST['content_id'];
            if (isset($_POST['content_type'])) {
                if (isset($_FILES)) {
                    foreach ($_FILES as $key => $file)
                        $_POST[$key]=$file;
                }
                $type=$_POST['content_type'];
                $res=input_sanitizing($_POST);
            }
            else
                $type=null;
            unset($_POST['content_type'], $_POST['content_id'], $_POST['update_data']);
            if (isset($res)) {
                if ($res === TRUE) {
                    if (update_content($id, $type, $_POST))
                          $success=$_LANG['content correctly updated'];
                    else
                        $err=$_LANG['cannot update content'];
                }
                else
                    $err=$_LANG[$res];
            }
        }
    }

    // Inserimento NOME del nuovo tipo di dato
    if (isset($_POST['submit_datatype_name'])) {
        // TODO: controlli sull'input
        if (empty($_POST['sname']) || empty($_POST['fname'])) {
            $err=$_LANG['error missing fields'];
        }
        else {
            create_datatype($_POST['sname'], $_POST['fname']);
            $success=$_LANG['datatype inserted'];
        }
    }

    if (isset($_POST['add_attribute'])) {
        // TODO: controlli da fare su ogni stringa, con regexp per lo shortname
        foreach ($_POST as $key => $value) {
            if (empty($value) || strlen($value) < 2) {
                $err=$_LANG['error missing fields'];
                break;
            }
        }
        if (!isset($err)) {
            $attributes=array();
            $attributes['sname']=$_POST['attr_short_name'];
            $attributes['fname']=$_POST['attr_full_name'];
            $attributes['type']=$_POST['attr_type'];
            $attributes['sqltype']=$types[$_POST['attr_type']];

            if (!empty($_POST['t_name'])) {
                if (add_table_attribute($_POST['t_name'], $attributes))
                    $success=$_LANG['attribute inserted'];
                else
                    $err=$_LANG['cannot insert attribute'];
            }
        }
    }

    if (isset($_POST['submit_reorder'])) {
        $type=$_POST['content_type'];
        unset($_POST['content_type'], $_POST['submit_reorder']);
        if (change_columns_order($type, explode(",", $_POST['order'])))
            $success=$_LANG['attributes order changed'];
        else
            $err=$_LANG['cannot change attributes order'];
    }

    if (isset($_GET['publish']) && isset($_GET['view'])) {
        if (strcmp($_SESSION['role'], "insert") != 0)
            $changed=change_publishing(intval($_GET['view']), intval($_GET['publish']));
        else
            $err=$_LANG['no privileges to do that'];
    }

    if (isset($_GET['action']) && isset($_GET['view'])) {
        if (strcmp($_SESSION['role'], "all") != 0 && $_SESSION['logged'] != get_author($nid))
                $err=$_LANG['no privileges to do that'];
        else {
            switch ($_GET['action']) {
                case "delete":
                    $success=$_LANG['content deleted'];
                    if (!delete_content($_GET['view']))
                        $err=$_LANG['cannot delete content'];
                    header("Location: data.php?k=4");
                    die;
                    break;
            }
        }
    }

    $datatab="class=\"active\"";
    require_once("./include/sections.php");
    include("./include/admin_header.php");
?>
    <div id="page">
    <div id="page-bgtop">
    <div id="page-bgbtm">
        <div id="content">
    <?php
        if (isset($err)) {
            echo "<div class=\"error\">".$err."</div>";
        }
        else if (isset($success)) {
            echo "<div class=\"success\">".$success."</div>";
        }

        if (isset($_GET['k'])) {
            $k = intval($_GET['k']);
            if ($k == 1) {
                // Inserimento nuovo tdd
                get_insert_datatype_section();
            }
            else if ($k == 2) {
                // Aggiunta di attributi primitivi al tdd
                get_add_attributes_section();
            }
            else if ($k == 3) {
                // Inserimento nuovo dato
                get_choose_data_section();
            }
            else if ($k == 4) {
                // Lista dati inseriti
                get_display_data_section();
            }
        }
        else if (isset($_GET['i'])) {
            // FIXME: controllo qui
            get_insert_data_section($_GET['i']);
        }
        else if (isset($_GET['action']) && strcmp($_GET['action'], "modify") == 0) {
            $cont=DBmanager::getInstance()->get_node($_GET['view'], true);
            get_insert_data_section($cont['content_type'], $cont);
        }
        else if (isset($_GET['m'])) {
            get_manage_attribute_section($_GET['m']);
        }
        else if (isset($_GET['view'])) {
            $id=intval($_GET['view']);
            if ($id) {
                $node=DBmanager::getInstance()->get_node($id, true);
                unset($node['id']);
                if ($node) {
                    $published=$node['published'];
                    $authors=get_usernames();
                    $full_names=get_attributes_property("full_name");
                    unset($node['published']);
                    echo "<div class=\"post\">
                        <h2 class=\"title\">".$node['title']."</h2>";
                    unset($node['title']);
                    $table="<table>";
                    foreach ($node as $key => $value) {
                        $table.="<tr><td>";
                        if (isset($full_names[$key]))
                            $table.=$full_names[$key]."</td><td>".$value."</td></tr>";
                        else {
                            $table.=$_LANG[$key]."</td><td>";
                            if (strcmp($key, "author") == 0)
                                    $value=$authors[$value];
                            $table.=$value."</td></tr>";
                        }
                    }
                    $table.="</table>";
                    echo $table."</div>";
                    echo "<div class=\"post\">
                            <h3 class=\"title\">".$_LANG['additional informations']."</h3>";
                    if ($published) {
                        echo "<div class=\"publishlink publishedlink\">".$_LANG['this content is published']."</div>";

                        require_once($site->classdir."/qrcoder.php");
                        $qrcoder=new qrcoder();
                        echo "<div class=\"entry\">
                                <fieldset>
                                    <legend>".$_LANG['generated qr-code']."</legend>";
                        if (!isset($_GET['qrdim']))
                            echo $qrcoder->get_qr_image($url, $id);
                        else {
                            switch($_GET['qrdim']) {
                                case "s":
                                    $size="S";
                                    break;
                                case "m":
                                    $size="M";
                                    break;
                                case "b":
                                    $size="L";
                                    break;
                                default:
                                    $size="M";
                            }
                            echo $qrcoder->get_qr_image($url, $id, $size);
                        }
                        echo "<label>".$_LANG['copy value to embed']."</label>
                            <input style=\"width: 75%; display: block\" type=\"text\" value=\"".htmlentities(urldecode($qrcoder->get_qr_image($url, $id)))."\" />";
                        $links="<p class=\"links\"><a ";
                        if (isset($_GET['qrdim']) && $_GET['qrdim'] == "s")
                            $links.="class=\"selected\" ";
                        $links.="href=\"data.php?view=".$_GET['view']."&qrdim=s\">".$_LANG['small']."</a>&nbsp;-&nbsp;<a ";
                        if (!isset($_GET['qrdim']) || $_GET['qrdim'] == "m")
                            $links.="class=\"selected\" ";
                        $links.="href=\"data.php?view=".$_GET['view']."&qrdim=m\">".$_LANG['medium']."</a>&nbsp;-&nbsp;<a ";
                        if (isset($_GET['qrdim']) && $_GET['qrdim'] == "b")
                            $links.="class=\"selected\" ";
                        $links.="href=\"data.php?view=".$_GET['view']."&qrdim=b\">".$_LANG['big']."</a></p></fieldset></div>";
                        echo $links;
                    }
                    else  {
                        echo "<div class=\"publishlink notpublishedlink\">".$_LANG['this content has not been published']."</div>";

                    }
                    echo "</div>";
                    if (strcmp($_SESSION['role'], "insert") != 0) { // se non sono l'ultima ruota del carro :)
                            if ($published)
                                echo "<a class=\"buttonlink\" href=\"?view=".$_GET['view']."&publish=0\">".$_LANG['remove published content']."</a>";
                            else
                                echo "<a class=\"buttonlink\" href=\"?view=".$_GET['view']."&publish=1\">".$_LANG['publish now']."</a>";
                    }

                    if (strcmp($_SESSION['role'], "all") == 0 || $_SESSION['logged'] == $node['author']) {
                        echo " | <a class=\"buttonlink\" href=\"?view=".$_GET['view']."&action=delete\" >".$_LANG['delete']."</a>".
                                " | ".
                                "<a class=\"buttonlink\" href=\"?view=".$_GET['view']."&action=modify\" >".$_LANG['modify']."</a>";
                    }
                }
                else {
                    echo "<div class=\"post\">
                            <h2 class=\"title\">".$_LANG['invalid node']."</h2>
                            </div>";
                }
            }
            else {
                echo "<div class=\"error\">".$_LANG['invalid node']."</div>";
            }
        }
        else {
            get_data_section();
        }
    ?>
        </div>
        <div style="clear: both">&nbsp;</div>
    </div>
    </div>
    </div>
<?php
    include("./include/admin_footer.php");
?>